How Safe Are You from Chip Security Flaws?

By: Jamie Hari, Director of Cyber Security and Cloud

Managed Vulnerability Scanning Detects Cyber Security Threats

In late 2017, researchers announced some major security vulnerabilities in microprocessors that affect virtually every mainstream commercial processor made worldwide since 1995. This includes billions of laptops, desktops, servers, smartphones and other mobile devices.

The names for these vulnerabilities — Meltdown and Spectre — haven’t done much to reassure a worried public. The two gremlins, introduced decades ago, manipulate the way processors optimize performance. What makes Meltdown and Spectre unique is that they allow attackers to exploit systems which have been perfectly configured and are otherwise defect-free.

Conventional prevention methods, such as firewalls and antivirus programs, provide little to no detection or protection against these types of attacks, which makes them even more dangerous.

The most effective remedy to both vulnerabilities is to apply software patches which have been recently created specifically to address Meltdown and Spectre. While some of the initial patches have affected computer performance, improvements are being made daily. And the experts concur: the minor side effects are worth it.

For businesses, the process of patch management can be complex. Given thousands of systems and hundreds of potential patches for each system, enterprises can face a daunting task of ensuring a million or more vulnerabilities have been mitigated. As a result, most systems are only checked for updates once or twice per year, leaving them exposed for several months at a time — which has been shown to be the root cause for major breaches.

System administrators at larger organizations use tools like Windows Server Update Services (WSUS) or Red Hat Satellite to automate the monitoring and deployment of patches to operating systems, but other systems like firewalls and web servers often don’t have such tools.

Zayo offers a Managed Vulnerability Scanning service to help network and system administrators detect vulnerabilities. The service scans systems for currently applied patches every month and compares that to an up-to-the-minute list of available patches to determine which patches are missing and which vulnerabilities exist as a result. Customers receive a report after each scan and can use that report to easily prioritize patch management efforts, greatly reducing the time systems are vulnerable.

The service is part of Zayo’s portfolio of Managed Security Services, which also include Next Generation Firewall, Content and Web Filtering, Authentication and Identity Management, Cloud Security and Encryption. These services are available to existing and new customers, and can be delivered in a variety of options from fully managed, co-managed and self-managed.

Make it a 2018 resolution to mitigate your security vulnerabilities. Protect your computer, networks and data from Meltdown, Spectre and other malicious hacks and bad actors. For more information, please contact your Zayo account representative or call 866.364.6033.